[T2TRG] I-D Action: draft-irtf-t2trg-amplification-attacks-01.txt
internet-drafts@ietf.org Tue, 17 January 2023 09:07 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: t2trg@irtf.org
Delivered-To: t2trg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 08C5DC15258F; Tue, 17 Jan 2023 01:07:51 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: t2trg@irtf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 9.5.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: t2trg@irtf.org
Message-ID: <167394647102.790.15457332043401992152@ietfa.amsl.com>
Date: Tue, 17 Jan 2023 01:07:51 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/uyEXQpYmpxjRpFY0V6LYkg7608Y>
Subject: [T2TRG] I-D Action: draft-irtf-t2trg-amplification-attacks-01.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.39
List-Id: IRTF Thing-to-Thing Research Group <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jan 2023 09:07:51 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Thing-to-Thing RG of the IRTF. Title : Amplification Attacks Using the Constrained Application Protocol (CoAP) Authors : John Preuß Mattsson Göran Selander Christian Amsüss Filename : draft-irtf-t2trg-amplification-attacks-01.txt Pages : 13 Date : 2023-01-17 Abstract: Protecting Internet of Things (IoT) devices against attacks is not enough. IoT deployments need to make sure that they are not used for Distributed Denial-of-Service (DDoS) attacks. DDoS attacks are typically done with compromised devices or with amplification attacks using a spoofed source address. This document gives examples of different theoretical amplification attacks using the Constrained Application Protocol (CoAP). The goal with this document is to raise awareness and to motivate generic and protocol-specific recommendations on the usage of CoAP. Some of the discussed attacks can be mitigated by not using NoSec or by using the Echo option. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-irtf-t2trg-amplification-attacks/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-irtf-t2trg-amplification-attacks-01.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-irtf-t2trg-amplification-attacks-01 Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
- [T2TRG] I-D Action: draft-irtf-t2trg-amplificatio… internet-drafts